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[57] ABSTRACT 

A system and method for performing an on-line ATM/POS 
transaction utilizing checking or savings account funds over 
a public access network is disclosed. The invention com- 
prises creating an electronic financial transaction instruction 
comprising card information and security information that 
are encrypted for secure transmission over the public access 
network. The card information identifies a checking or 
savings account number of a purchaser. The security infor- 
mation identifies a personal identification number associated 
with the identified account number that authorizes the use of 
the account number in an on-line ATM/POS transaction. The 
financial transaction instruction is decrypted by a financial 
institution and reformatted to form a transaction request 
suitable for transmission over an on-line ATM/POS trans- 
action system. The transaction request is then processed like 
a typical ATM or merchant POS on-line ATM/POS transac- 
tion. As such, approval and settlement of the financial 
transaction instruction is obtained in real time. Thus, the 
present invention provides an on-line ATM/POS transaction 
capability utilizing checking or savings account funds from 
a public access network, such as the Internet or electronic 
mail. 

47 Claims, 8 Drawing Sheets 
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SYSTEM AND METHOD FOR PERFORMING The embossed number on the card is also stored on the 

AN ELECTRONIC FINANCIAL magnetic stripe of the card, or for a smart card, within the 

TRANSACTION memory of the microcomputer chip on the card. The BIN 

consists of the first six digits of the embossed number, 

CROSS-REFERENCE TO RELATED 5 according to International Standards Organization (ISO) 

APPLICATIONS standard number ISO 7812. Further, ISO provides the BIN 

numbers worldwide to insure that there is no duplication. 

This application claims the benefit of U.S. Provisional ^ fiIN ^ the AJM network how to route the transaction 

Application No. 60/072,878 filed Jan. 28, 1998 and U.S. SQ (hat it gets back t0 the purchaser's bank, and each bank 

Provisional Application No. 60/097,501 filed Aug. 21, 1998. ^ that accepts one of these orMine ATM/P0 S transactions has 

BACKGROUND OF THE INVENTION a cross-reference between the embossed I number and the 

actual account number. The on-line ATM/POS transaction 

The present invention relates to electronic funds transfer creates an on-line authorization that verifies the card number 

instruments, and more particularly, to performing secure and PIN, and determines if the card is lost or stolen or if the 

financial transactions over a public access network using 15 associated account is blocked. Further, the associated bank 

checking and savings account funds. account is checked to determine if there are sufficient funds 

With the increasing commercialization of the Internet, to cover the transaction amount. The transaction is then 

new methods of performing secure and verifiable payment settled the same business day through the ATM networks, 

transactions are desired. The most common methods in use An on-line ATM/POS transaction is beneficial to both the 

today, for example, require a purchaser to enter credit card 20 purchaser and the merchant. For the purchaser who would 

or non-PIN-based debit card information and send it, unse- normally roll-over some or all of a credit card transaction, 

cured or secured by encryption, to a merchant. The merchant the on-line ATM/POS transaction is beneficial because it 

decrypts the card information and uses it to complete the saves the purchaser from having to pay finance charges. For 

transaction. This type of transaction is known as a Mail the merchant, an on-line ATM/POS transaction is beneficial 

Order Telephone Order (MOTO) transaction. MOTO trans- 25 because the cost to the merchant for this type of transaction 

actions are disadvantageous from a merchant standpoint, is based on a fixed fee. The fixed fee is typically less than the 

however, because they are costly and risky. A merchant's percentage of the transaction amount charged for credit 

cost for performing a MOTO transaction may be 5% or more transactions, especially for transaction amounts over about 

of the entire transaction amount. MOTO transactions are $10-$12 U.S. dollars. Thus, on-line ATM/POS transactions 

risky because the merchant has no idea with whom they are 30 are typically more desirable for the merchant for these dollar 

actually dealing. Because a personal identification number amount transactions. 

(PIN) is not required, the only authorization-type of check Currently, the ATM network is not set up to handle the 

that a merchant can use in a MOTO transaction is to verify entry of a purchaser's actual account number into an ATM 

the mailing address given by the purchaser with the issuing or merchant POS terminal and have that account number 

card company's mailing address for the card number. Often, 35 sen t through the network. This is because the actual account 

the merchant must pay a fee to the card company to be number is not in the proper format and contains no routing 

supplied with this mailing address information. Further, the instructions. Similarly, the ATM network cannot handle the 

merchant, as opposed to the card company, assumes liability direct entry of a bank's routing transit number followed by 

for a shipment in a MOTO transaction if no address confir- an account number, for the same reasons. Even though the 

mation is obtained. 40 BIN provides routing instructions, it is not the same number 

For example, for a debit card linked to a credit card as a bank routing transit number, which is used to route 

account, a consumer does not need to enter a PIN when they paper checks, wire transfers and Automated Clearing House 

have a Visa® or Mastercard® logo on their debit card. The transactions. Thus, transactions utilizing merchant POS and 

transaction is performed like a credit transaction, but the ATM terminals are the only current methods commercially 

funds are taken out of their checking account. That trans- 45 available for an on-line, real time financial transaction 

action goes through the Visa/Mastercard credit network, and utilizing checking or savings account funds, 

as a result the merchant pays the 5% or more discount fee i n an effort to expand the available sources of payment, 

because the transaction is treated like a credit card transac- methods have been developed to utilize checking account 

tion even though it winds up being charged to a checking funds to perform Internet transactions. These methods allow 

account. For the merchant, the transaction is settled along 50 the use of "electronic checks" to perform transactions. One 

with other credit card transactions, with the settlement example of such an electronic check is the "echeck" process 

occurring usually the night of the transaction, or the follow- established by the Financial Services Technology Consor- 

ing day. For the purchaser, the transaction may not be tium (FSTC). There are a number of problems, however, 

charged to their account for several days. associated with current electronic check methods. For 

A second type of POS transaction utilizes the automated 55 example, since the flow of the current electronic check 

teller machine (ATM) network, making it a completely replicates the flow used for paper checks, there is a delay 

on-line and real time transaction. This type of on-line between the time that the electronic check is endorsed and 

ATM/POS transaction is performed at ATM machines or the time that the electronic check is approved for payment, 

merchant POS terminals directly connected to the ATM This delay may be one or more days. For example, the 

network. For this type of transaction, a purchaser dips or 60 electronic check transaction flow goes from the purchaser to 

swipes their ATM, debit or check card, enters their PIN, and the merchant to the check service provider. The check 

the network recognizes this as an on-line ATM/POS trans- service provider issues a debit over the Automated Clearing 

action and routes it through the same network that is used for House (ACH) network or the Electronic Check Processing 

ATM transactions. As part of that routing process, the (ECP) to the purchaser's account. The ACH or ECP debit 

network is set up to route the transaction according to a Bank 65 may take a couple of days to get to the purchaser's bank, 

Identification Number (BIN) included in a Primary Account depending on how long the check service provider holds on 

Number (PAN), which is the embossed number on the card. to the money to gain float revenue. Also, there is the 
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possibility that the ACH or ECP debit may be returned (like SUMMARY OF THE INVENTION 

a bounced check) if there are not enough funds in the „ , , 

account. As a result, the merchant typically must wait a A P referred embodiment of the present invention corn- 
number of days to find out whether or not the funds are good, P nses a svstem for a Purchaser to perform an on-line 
thereby delaying fulfillment of the order. As such, utilizing 5 ATM/POS financial transaction from a personal computer 
this type of electronic check creates uncertainty for the over a public access communications network utilizing a 
merchant, as they are unsure if the electronic check will be universally acceptable electronic financial transaction 
paid. Thus, despite the transaction having the appearance to instruction that debits a purchaser's checking or savings 
the purchaser of being on-line and real time, it takes several account. The financial transaction instruction is provided in 
days for their account to be charged and for the transaction a secured format for transactions sent over the public access 
to be completely processed. communications network, which is external from an on-line 

Additionally, because the typical electronic check process ATM/POS transaction system. The system of the present 

replicates the paper check process, the transaction flow invention utilizes card and security information to authen- 

requires the merchant's bank to have the electronic check ticate the purchaser and validate their authority to initiate the 

capability. For a consumer to be able to use this type of financial transaction instruction to debit the identified 

electronic check, however, the consumer must be a member account. Further, the system utilizes a secure mechanism to 

of a bank or financial institution that offers this service. Over protect the card and security information as it is transmitted 

the next 5 to 10 years, however, only a few dozen financial over the public access network to a financial institution 

institutions are estimated to participate in issuing electronic providing access to the on-line ATM/POS transaction sys- 

checks. Because of this limited participation, the majority of 2Q tern. The system of the present invention advantageously 

purchasers will not have access to electronic checks from the does not require an account relationship between the 

financial institution with whom they have an account re la- purchaser, the merchant, and the financial institution pro- 

tionship. Thus, in turn, the number of purchasers that a viding access to the on-line ATM/POS system. Further, the 

merchant can attract and serve with an electronic check is system beneficially does not require the bank used by the 

limited. 25 purchaser and/or the bank used by the merchant to have the 

Additionally, for example, not only must the purchaser be capability to perform financial transaction instructions over 

a member of a participating financial institution, but the the Internet. Additionally, the system is compatible with 

merchant must set up procedures for these types of trans- current financial transaction systems, thus making the 

actions to deal with the limited number of participating present financial transaction instruction a universally accept- 

financial institutions. Due to the limited number of custom- 30 able on-line ATM/POS transaction from a source external 

ers who would utilize this payment method, a merchant may from the on-line ATM/POS transaction system, 

be discouraged from expending the time and money to According to a preferred embodiment, a method of per- 

establish such a system. forming a financial transaction between a purchaser and a 

Another scheme requires the purchaser to deposit funds merchant, comprises creating purchaser payment instruc- 

into a trusted third party's account before the purchaser can 35 tions comprising encrypted, electronic representations of a 

perform a transaction. This scheme is fraught with ineffi- purchaser transaction amount, card information and security 

ciencies. For example, inefficiencies include the time wasted information. The card information identifies a checking or 

as purchaser must plan ahead in order to deposit the funds, savings account at purchaser's bank and the security infor- 

and also the time wasted in finding a third party mutually mation comprises a personal identification number associ- 

trusted by the purchaser and the merchant. Ilius, the use of 40 ated with the identified card number for authorizing its use 

trusted third parties is not desirable for on-line, real time in an on-line ATM/POS transaction. The card information 

transactions. and the security information must be encrypted, using an 

Further, with the Internet serving a worldwide market, encryption method dictated by on-line ATM/POS transac- 
there is a desire for allowing a purchaser using one currency tion system standards. The purchaser payment instructions 
to perform an on-line, real time financial transaction with a 45 are protected by a first secure mechanism, such as encryp- 
merchant using another currency. The ATM network dis- tion or digital signature. The digital signature of the pur- 
cussed above allows this type of transaction to occur. For chaser provides verification of the identity of the purchaser 
example, a United States citizen traveling in a foreign and the integrity of the purchaser payment instruction. The 
country can utilize their ATM debit card in a local ATM to purchaser payment instructions are electronically delivered 
get a designated amount of the local currency. The func- 50 to the merchant, such as over a public access network like 
tionality exists within the ATM network to convert the the Internet. Merchant payment instructions are appended to 
amount of local currency obtained into a corresponding the purchaser payment instructions to create financial trans- 
amount of United States dollars and debit the appropriate action instructions. The merchant payment instructions corn- 
amount, prise merchant identification and merchant deposit account 

Currently, there is a need for low cost access to checking 55 identification used in performing the transaction. The finan- 

and savings accounts to perform financial transactions over cial transaction instructions are protected by a second secure 

the Internet. There is no current mechanism, however, that mechanism, such as with encryption and/or by the digital 

connects the ATM network to purchasers on the Internet. signature of the merchant. The merchant's digital signature 

Most purchasers access the Internet from remote locations, provides verification of the merchant's identity and of the 

such as personal computers at home or at a business. 60 integrity of the financial transaction instructions. A digital 

Meanwhile, access to the ATM network is typically provided certificate of the merchant may be appended to the financial 

only through ATM machines and POS merchant terminals transaction instructions, where the merchant's digital cer- 

directly connected to the network. Thus, there is currently no tificate provides additional verification of the merchant's 

mechanism that allows purchasers and merchants using the identity and the integrity of the financial transaction instruc- 

Internet or electronic mail the real-time, on-line ATM/POS 65 tions. 

transaction functionality provided by the on-line ATM/POS The financial transaction instructions are electronically 

transaction system. delivered, such as over the Internet, to a financial institution 
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offering access to the on-line ATM/POS transaction system financial transactions, which then forwards the financial 

to perform the financial transaction. The financial institution transaction instruction to financial institution 22. Financial 

removes and reformats the encrypted financial transaction institution 22 is a bank or other service provider that 

instructions to form an ATM/POS transaction request. provides purchaser 12 with indirect access to the on-line 

Reformatting the information comprises placing the ATM/ 5 ATM/POS transaction system 24, such as the ATM network. 

POS transaction request in a form accepted by the on-line A* suc *>. financial institution 22 removes the data suitable 

ATM/POS transaction system. The ATM/POS transaction for performing an on-line ATM/POS transaction from finan- 

reques. is electronically delivered to the purchaser's bank Cial transaction instruction ^Financial institution 22 for- 

through the on-line ATM/POS transaction system. A ™ ats f d * ta mt0 V* 0 ^™^ transaction request 

response message is received at the financial institution from 10 26 and P erforms ' » staDdar f A ™/?° S transaction just like 

the purchaser's bank through the on-line ATM/POS trans- a transacts performed at an ATM or at a merchant POS 

action system, where the response message is an approval if errnina . 

the financial transaction is acceptable and a denial if the to such financial institution 22 sends transaction request 
financial transaction is unacceptable. An authorization mes- 26 t0 Phaser s bank 28 through on-line ATM/POS trans- 
sage is electronically delivered to the merchant to indicate 15 action s y stem 24 Purchaser's bank 28 returns a response 
whether the response message is an approval or a denial. If messa S e 30 to financial institution 22 comprising an autho- 
the response message is an approval, then the identified rization if transaction request 26 is approved, or a denial if 
account number is debited by the transaction amount and a not approved. Correspondingly, purchaser s bank 28 debits 
credit equivalent to the transaction amount is sent to the an account identified in transaction request 26 if the request 
merchant's deposit account. Thus, the present invention 20 is approved. Fmancial institution 22 notifies merchant 14 of 
provides a system and method for a low cost, electronic the approval status of the financial transaction instruction 18 
financial transaction instruction for an on-line ATM/POS b X sendin S an authorization message 32 over network 20 
transaction from a source external from the on-line ATM/ Correspondingly, if the transaction is approved, financial 
POS transaction system utilizing checking or savings institution 22 provides merchant's bank 34 with a credit 36 
account funds 25 through a bank payment system network 38, such as the 

Automated Clearing House (ACH). Upon receiving autho- 

BRIEF DESCRIPTION OF THE DRAWINGS rization message 32, merchant 14 may then complete the 

„ . , . . e ■ j. transaction, if required. As a result, purchaser 12 and mer- 

F1G. 1 is a schematic representation of one embodiment cfaant M form a finandal transaction with a guaranteed 

of a system according to the present invention; ^ paymem ^ ^ authorized m real time and on-line. Thus, the 

FIGS. 2A-2C are flow charts representing one embodi- present invention provides a system and method for an 

ment of a method of the present invention; on-line ATM/POS transaction over a public access network 

FIG. 3 is a more detailed schematic representation of a external from the on-line ATM/POS transaction system, 

portion of the system of FIG. 1; and Typically, on-line ATM/POS transactions are only per- 

FIGS. 4A-4C are flow charts representing another 35 formed at sources that are directly connected to the on-line 

embodiment of a method of the present invention. ATM/POS transaction system through a hard-wired, direct 

connection to an on-line ATM/POS service provider, such as 

DETAILED DESCRIPTION OF THE financial institution 22. The hard-wired, direct connection is 

INVENTION typically a private telephone line that is leased from the 

The present invention comprises a system and method for 40 service provider or from the ATM/POS network provider, 

a purchaser to perform an on-line ATM/POS transaction For example, ATM's and merchant POS terminals are 

utilizing checking and savings account funds from a trans- directly connected to the on-line ATM/POS transaction 

action source external from the on-line ATM/POS transac- system. As such, access to the on-line ATM/POS network is 

tion system, such as a personal computer connected to the generally restricted to these sources. 

Internet. According to one preferred embodiment of the 45 In contrast, the present invention is a system that provides 

present invention, referring to FIG. 1, a system 10 for on-line ATM/POS transaction capability over a public access 

performing a financial transaction comprises a purchaser 12 network or open network, such as the Internet. The rise in 

remotely interacting 13 with a merchant 14 over a commu- commerce being performed over public access networks 

nications network 16, such as a public access network like with no direct connections to, or that are external from, the 

the Internet and its World Wide Web or electronic mail 50 on-line ATM/POS system has created a new point-of-sale, 

(e-mail) protocols, and other similar networks. Purchaser 12 One example of such a new point of sale is a personal 

provides merchant 14 with digitally signed and/or computer connected to the Internet. These new points-of- 

encrypted, electronic purchaser payment instructions 15. sale, however, are outside of the current paradigm for 

Purchaser payment instructions 15 include encrypted card connection to the on-line ATM/POS system. As a result, 

information and security information. Merchant 14 adds 55 reliable and secure methods for performing an on-line 

merchant payment instructions 17, such as merchant iden- ATM/POS transaction from these new POS sources are 

tification and transaction amount information, to purchaser lacking. Therefore, the present invention beneficially allows 

payment instructions 15 to form an electronic financial a consumer the convenience of utilizing checking or savings 

transaction instruction 18 that the merchant digitally signs account funds in an on-line ATM/POS transaction from a 

and/or encrypts. Financial transaction instructions 18 thus 60 source that is remote from the on-line ATM/POS system, 

comprise data suitable for performing an on-line ATM/POS such as the Internet, thereby resulting in an external ATM/ 

transaction. Merchant 14 remotely transfers financial trans- POS transaction that is on-line and in real time, 

action instruction 18 over communications network 20, As used herein, the term "purchaser" refers to an entity 

which is similar or the same as communications network 16, that is exchanging value for a good, a service or for other 

to a financial institution 22. In an alternate embodiment, 65 value. The purchaser is the owner of, or rightfully has access 

merchant 14 may send financial transaction instruction 18 to to, the savings or checking account that comprises the funds 

a merchant service provider that handles the merchant's or value utilized by the purchaser in the transaction. The 
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term "merchant" refers to an entity that is exchanging a card reader interface 62 of card reader device 64 and by 

good, a service or value for the purchaser's value. Typically, entering PIN 60 into keypad 66 of the card reader device, 

the purchaser is on a public access network, such as the For example, the purchaser may use a Citibank® ATM card 

Internet, buying items from the merchant. Although, as one and insert it into a magnetic stripe reader/writer device, 

skilled in the art will realize, many other similar financial 5 Alternatively, the purchaser may use a Citibank® Smart 

transactions may be performed utilizing the present inven- Card and insert it into a smart card reader/writer device, such 

tion. as the PC PAY® PC2200 product from Innovonics, Inc. of 

Financial transaction instruction 18, as is discussed in Phoenix, Ariz. Card reader device 64 may further comprise 

more detail below, comprises all of the data necessary to a processor 68 and a memory 70, including security software 

perform an on-line ATM/POS transaction. Typically, this 1Q 72 comprising encryption algorithms. Security software 72 

information comprises information concerning the encrypts card information 39 and security information 40 

purchaser, the merchant and the transaction. Purchaser infer- ( Block according to ATM/POS network standards, 

mation may comprise name identification, a card number which curreDt iy comprise encrypting the data according to 

used as a source of value for debiting, and a personal the Data Encryption standard (DES). DES is a symmetric 

identification number (PIN^ .for authenticating the purchaser tion method where financial ins titution 22 (FIG. 1) 

for use of the card number. The card number is then d tion k Ai though , ^ one skiUed in the art 

cross-referenced to an account number within the systems or ... .. *i_ *• *u j u a 

u » u 1 c -i 1 u • • f _ * ■ — will reahze, many other encryption methods may be utilized, 

purchasers bank. Similarly, merchant information may , , . e * t i t - -* 

include name identification, and an account number for Card reader d * vice 64 ior ™ dS the e ^XP ted card inf ^- 

crediting with value. Finally, transaction information or matlon 39 and xcml y information 40 to computer 50, 

purchase order information may comprise the quantities, 20 which may also add other information to form purchaser 

identification and prices of goods and services, the transac- payment instructions 15 (Block 118). Purchaser payment 

tion amount, the transaction date and the transaction time, instructions 15 may comprise many other instructions, such 

etc. All of this information is typically contained in pur- as purchase order information including the quantity and 

chaser and merchant payment instructions, as is discussed price of the good/service and purchaser's transaction 

below. 25 amount, delivery information, authorization to add shipping 

Referring to FIGS. 2A-2C and 3, a preferred system 10 of costs up to a specified limit, authorizations to make payment 

the present invention comprises purchaser 12 making a in a foreign currency while debiting the account in U.S. 

purchase from merchant 14, such as a purchaser accessing a dollars, etc, 

merchant's World Wide Web site with a personal computer Additionally, secure mechanism 74 is an security method 
or other source that is external from, or not directly con- 30 utilized to protect purchaser payment instructions 15 in the 
nected to, the on- fine ATM/POS transaction system 24 (FIG. transfer to merchant 14 or any other entity (Block 120) over 
2, Block 110). Upon placing an order for an item from the communications network 16. Secure mechanism 74 pro- 
site, purchaser 12 is presented with a number of payment vides integrity assurance, verifying that purchaser payment 
options (Block 112). One of the payment options is to instructions 15 have not been altered, and also allows 
perform the transaction utilizing funds from the purchaser's 35 financial institution 22 to confirm the identity of purchaser 
checking or savings account. Upon selecting this option 12. For example, secure mechanism 74 may comprise one or 
(Block 114), purchaser 12 is prompted to provide card a combination of the following operations on purchaser 
information 39 (FIG. 3) and security information 40 (FIG. 3) payment instructions 15: symmetric encryption, asymmetric 
to identify and authenticate themself and validate the trans- encryption, a purchaser's verifiable digital signature and a 
action (Block 116). 40 verifiable digital certificate. Although, as one skilled in the 
Referring to FIG. 3, card information 39 is contained in art will realize, many other security methods may be uti- 
memory 42 on card 44, such as an ATM, debit and smart lized. Preferably, purchaser payment instructions 15 are 
card, or is contained within software 46 within memory 48 digitally signed by purchaser 12. The digital signature of 
of computer 50 utilized by purchaser 12. Computer 50, such purchaser 12 verifies purchaser's identity and that purchaser 
as a personal computer located at the purchaser's home or 45 payment instructions 15 have not been altered. This provides 
business, may further comprise a processor 52 and an a first level of protection for transmitting purchaser payment 
input/output 54 connected to communications network 16. instructions 15 over communications network 16. A digital 
Card information 39 may comprise cardholder data 56, such certificate may also be used to provide verification of the 
as the name of the cardholder, and card number data 58. identity of the sender, as well as providing the sender's 
Card number data 58 includes a bank identification number 50 public key for use in sending an encrypted response back to 
used to direct the transaction through on-line ATM/POS the sender. 

system 24 (FIG. 1). Further, card number data 58 includes a A second level of privacy and protection comprises 
number that is associated with the actual savings or checking encrypting the digitally signed purchaser payment instruc- 
account number in purchaser's bank 28 to be used to fund tions 15 before transmission to merchant 14. Depending on 
the transaction. Also, card information 39 may comprise any 55 the what kind of privacy is required, and between which 
other type of data that purchaser's bank 28 may choose to parties, this second level of privacy provided by secure 
include in memory 42 as allowed by ISO standards. The mechanism 74 may comprise any or a combination of 
ATM card comprises a magnetic stripe that holds card symmetric and asymmetric encryption. For example, pur- 
information 39, while the smart card contains similar infer- chaser 12 may want or allow merchant 14 to have access to 
mation within an embedded microcomputer. Additionally, 60 the portion of purchaser payment instructions 15 comprising 
security information 40 comprises a secret number known the purchase order information. In this case, then an encryp- 
by the cardholder and the card issuer, such as a personal tion method is chosen that allows merchant 14 and financial 
identification number (PIN) 60. PIN 60 is a number that is institution 22 the ability to decrypt this portion of purchaser 
used by a cardholder to identify themself to their bank to payment instructions 15. In this case, however, financial 
authorize on-line ATM/POS transactions. 6 5 institution 22 is still the only party able to decrypt the 
Purchaser 12 may enter card information 39 and security encrypted card information 39 and security information 40 
information 40 by placing card 44 into communication with within purchaser payment instructions 15. Alternatively, 
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purchaser 12 may encrypt the digitally signed purchase 
payment instructions 15 in such as way so that decryption of 
the whole purchaser payment instructions 15 may be per- 
formed only by financial institution 22. Thus, secure mecha- 
nism 74 provides a first level of protection with the digital 
signature, and a further level of protection and privacy with 
encryption of the digitally signed purchaser payment 
instructions 15. Therefore, purchaser 12 provides merchant 
14 with purchaser payment instructions 15 that comprise 
optionally encrypted, digitally signed and DES encrypted 
card information 39 and security information 40 utilized in 
an on-line ATM/POS transaction. 

Merchant 14 appends merchant payment instructions 17 
to purchaser payment instructions 15 to form financial 
transaction instructions 18 (Block 122). Merchant payment 
instructions 17 may comprise information identifying mer- 
chant's bank 34 and merchant's deposit account number for 
crediting, as well as other similar merchant information 
related to the transaction. Merchant payment instructions 17 
may also include purchase order information including 
merchant's transaction amount, merchant identification 
information, the currency to be utilized, etc. Secure mecha- 
nism 76 (FIG. 1) is utilized to protect the transmission of 
financial transaction instructions 18, comprising the secure 
mechanism 74 protected purchaser payment instructions 15 
and merchant payment instructions 17, over communica- 
tions network 20. Secure mechanism 76, similar to secure 
mechanism 74, provides integrity assurance by verifying 
that financial transaction instructions 18 have not been 
altered, and also allows financial institution 22 to confirm 
the identity of merchant 14. For example, secure mechanism 
76 may comprise one or a combination of the following 
operations on financial transaction instructions 18: symmet- 
ric encryption, asymmetric encryption, a purchaser's veri- 
fiable digital signature and a verifiable digital certificate. 
Although, as one skilled in the art will realize, many other 
security methods may be utilized. Preferably, financial trans- 
action instructions 18 are digitally signed by merchant 14. 
The digital signature of merchant 14 verifies merchant's 
identity and that financial transaction instructions 18 have 
not been altered. This provides a first level of protection for 
transmitting financial transaction instructions 18 over com- 
munications network 20. Since there may be no relationship 
between merchant 14 and financial institution 22, a digital 
certificate may also be used to provide verification of the 
identity of merchant 14, as well as providing the merchant's 
public key for use in sending an encrypted response back to 
the merchant. 

A second level of privacy and protection comprises 
encrypting the digitally signed financial transaction instruc- 
tions 18 before transmission to financial institution 22. Since 
the digital signature of financial transaction instructions 18 
that includes merchant payment instructions 17, such as the 
merchant's account number, leaves the merchant payment 
instructions in the clear, the merchant may have a strong 
motivation to further protect the privacy of the transaction. 
To further increase security, all or a portion of financial 
transaction instructions 18 may be encrypted by merchant 14 
with a key preferably known only by the merchant and 
financial institution 22. Thus, similar to purchaser payment 
instructions 15, financial transaction instructions 18 are 
protected by secure mechanism 76 (FIG. 1) and transferred 
through communications network 20 to financial institution 
22 (Block 124). 

Financial institution 22 receives the protected financial 
transaction instructions 18 and decrypts them (Block 126). 
Financial institution 22 then validates financial transaction 
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instructions 18, as well as insuring that purchase order 
information, purchaser's and merchant's transaction amount 
and other information utilized in performing the transaction 
is in agreement between purchaser 12 and merchant 14. As 
mentioned above, the present invention advantageously does 
not require any type of account relationship between pur- 
chaser 12, merchant 14 and financial institution 22. The 
purchaser 12 and/or merchant 14 only need to exchange 
keys with financial institution 22 for encryption/decryption 
purposes. Financial institution 22 then reformats card infor- 
mation 39 and security information 40 into transaction 
request 26 that meets the standard for an on-line ATM/POS 
transaction. Transaction request 26 is routed through and 
processed by on-line ATM/POS transaction system 24 
(Block 128). Typically, transaction request 26 is required to 
be sent in an encrypted format over on-line ATM/POS 
network 24 according to set standards. For example, finan- 
cial institution 22 such as Citibank® may route transaction 
request 26 through Citishare®, Citibank's ATM/POS net- 
work interface. Financial institution 22 and on-line ATM/ 
POS transaction system 24 thus treat transaction request 26 
as if it were an electronic transaction initiated at a merchant 
POS terminal, an ATM terminal or some other similar source 
directly connected to on-line ATM/POS transaction system 
24. By formatting transaction request 26 as a typical on-line 
ATM/POS transaction, the present invention allows financial 
transaction instructions 18 to be universally accepted by 
existing on-line ATM/POS financial transaction networks. 
Thus, the settlement of financial transaction instructions 18 
follows the standard procedure which is used for typical 
on-line ATM/POS transactions. 

Purchaser's bank 28 decrypts (if necessary) transaction 
request 26 and verifies purchaser's card information 39 and 
security information 40. Additionally, purchaser's bank 28 
performs a number of other checks, such to determine 
whether or not the card is stolen, the account is blocked, etc. 
Purchaser's bank 28 then approves or disapproves the trans- 
action on-line and in real time, as it would any other on-line 
ATM/POS transaction initiated at an ATM or a merchant 
location (Block 130). Purchaser's bank 28 makes an 
approval/disapproval decision by determining if the account 
associated with card information 39 has sufficient funds to 
cover the transaction amount identified in transaction 
request 26. If approved, then the transaction amount is 
reserved from the identified account so that it is not available 
for later transactions. Purchaser's bank sends the approval/ 
disapproval information in response message 30 to financial 
institution 22 through on-fine ATM/POS transaction system 
24 (Block 132). Financial institution 22 then sends autho- 
rization message 32 back to merchant 14 in real time (Block 
134). The term "real time" preferably means a time in the 
range of about seconds to about minutes, although it could 
be longer. Preferably, the time period from initialization of 
the transaction to the merchant receiving authorization mes- 
sage 32 is real time. If approved, financial institution 22 
initiates a credit, using traditional payment systems such as 
ACH system 38, to merchant's account at merchant's bank 
34 in accordance with the instructions contained in mer- 
chant's payment instructions 17 (Block 136). The settlement 
of financial transaction instruction 18 typically occurs at the 
end of the business day of the transaction, as purchaser's 
account is debited and merchant's account is credited. Thus, 
with real time verified funding and confidence of a payment, 
a merchant is able to respond within minutes to an order over 
the Internet comprising a low cost financial transaction 
presented by a purchaser on a personal computer utilizing 
checking or savings account funds (Block 138). 
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Referring to FIGS. 4A-4C, an e-mail method for per- ber data and the security information including per- 
forming an on-line ATM/POS transaction similar to that in sonal identification number data; 
FIGS. 3A-3C is described. Rather than the transaction being retrieving the card number data from the financial 
performed over a World Wide Web site, however, in FIGS. transaction instruction, wherein the card number data 
4A-4C the transaction is performed via e-mail. As such, the 5 is associated with a checking or savings account in 
initiation of the transaction is somewhat different. In per- purchaser's bank for funding the financial transac- 
forming an on-line ATM/POS transaction using e-mail, the tion; 

purchaser accesses payment software in their computer that retrieving the personal identification number data, 

allows them to utilize their checking and savings account in wherein the personal identification number data is 

an e-mail payment transaction (Block 210). The software 1Q associated with the card number data to identify the 

allows order information to be associated with a selected purchaser and authorize use of the card number data; 

payment option (Block 212). Once the appropriate account a nd 

is selected (Block 214), the remainder of the method (Blocks retrieving the transaction amount information; 

216-238) is basically the same as the method in FIGS. generating a transaction request in a format for pro- 

3A-3C except that communications network 16 (FIG. 1) ^ cessing in the on-line ATM/POS transaction system 

between purchaser and merchant and/or communications 15 using the card information, the security information 

network 20 (FIG. 1) between merchant and financial insti- , and ' he transaction amount information; and 

. • r ui -i forwarding the transaction request via the on-line ATM/ 

tution is preferably e-mail. r»^o * * * *u u > u i c 

„ r . J , , POS transaction system to the purchaser s bank for 

The present invention advantageously allows any con- authorization of the financial transaction between the 

sumer with a valid ATM card or smart card, issued by any 20 purchaser and the merchant, 

financial institution anywhere in the world, to utilize their 2. A method of performing a financial transaction as 

checking or savings account from a personal computer in an recited in claim 1, wherein the received financial transaction 

on-line ATM/POS transaction over the Internet. Because the instruction further comprises a first secure mechanism hav- 

present invention provides a financial transaction instruction ing at least a first level of protection comprising performing 

that can be utilized with existing on-line ATM/POS trans- 2 s an operation on the financial transaction instruction to 

action systems, the option to perform a checking or savings provide verification of the identity of the purchaser and the 

account transaction over the Internet is available to anyone integrity of the financial transaction instruction while leav- 

with a hardware device capable of reading information from ing all of the financial transaction instruction in the clear 

an ATM card or smart card and the software to securely send except for the encrypted card information and the encrypted 

the information over a public access network to a financial 30 security information. 

institution providing access to the on-line ATM/POS trans- 3 - A method of performing a financial transaction as 

action system. The present invention allows any consumer recited in c . laim 2 > wherein the first level of protection 

having a valid ATM card or smart card to perform an comprises digitally signing the financial transaction mstruc- 

electronic financial transaction instruction, regardless of tl( \ n w A Ith ^digital signature of the purchaser. 

. t , . *l • £ * 1 • ** cc Z- 4. A method of performing a financial transaction as 

whether or not their financial institution offers this service. , . >% ^ • fL c * 1 1 r 

™_ c 4 , C1 , tt . , . ji recited in claim 2, wherein the first level of protection 

Therefore, the availability of Internet transactions mvolving ^ ending a digital certificate of the purchaser to 

checking and savings accounts is dramatically expanded to me finandal traQsactioD instni ction. 

all consumers having ATM or smart cards. 5 A method of performing a financial transaction as 

Additionally, the present system may also be utilized for recited in claim 2, wherein the first secure mechanism 

numerous other transactions involving checking or savings 40 further comprises a second level of protection including 

accounts. For example, the present system may be advan- encrypting the financial transaction instruction for secure 

tageously utilized to electronically pay bills, transfer money transmission over the first public access network, 

between individuals, and to perform business to business 6. A method of performing a financial transaction as 

payments using the World Wide Web, e-mail and all of the recited in claim 5, wherein the encrypting the financial 

other Internet protocols. 45 transaction for the second level of protection comprises 

Although the invention has been described with reference encrypting in a manner decryptable by the merchant, 

to these preferred embodiments, other embodiments can 7. A method of performing a financial transaction as 

achieve the same results. Variations and modifications of the recited in claim 5, wherein the encrypting the financial 

present invention will be apparent to one skilled in the art transaction for the second level of protection comprises 

and the following claims are intended to cover all such 50 encrypting in a manner decryptable by the service provider, 

modifications and equivalents. 8. A method of performing a financial transaction as 

What is claimed is: recited in claim 5, further comprising the service provider 

1. A method of performing a financial transaction between decrypting and verifying the financial transaction instruc- 

a purchaser and a merchant, comprising: tion. 

under control of a service provider having a direct con- 55 9. A method of performing a financial transaction as 

nection to an on-line ATM/POS transaction system, recited in claim 8, further comprising transmitting to the 

receiving via a first public access network an electronic merchant an authorization message indicating the approval 

financial transaction instruction initiated by the pur- status of the transaction request. 

chaser to make a purchase over the first public access 10. A method of performing a financial transaction as 

network from the merchant, the financial transaction 60 recited in claim 2, wherein the first public access network is 

instruction comprising encrypted card information, the Internet. 

encrypted security information and transaction 11. A method of performing a financial transaction as 

amount information each suitable for use in an recited in claim 10, wherein the Internet protocol is the 

on-line ATM/POS transaction, wherein the card World Wide Web. 

information and security information are encrypted 65 12. A method of performing a financial transaction as 

according to ATM/POS transaction system recited in claim 10, wherein the Internet protocol is elec- 

standards, the card information including card num- tronic mail. 
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13. A method of performing a financial transaction as 
recited in claim 2, further comprising receiving merchant 
payment instructions appended to the financial transaction 
instruction. 

14. A method of performing a financial transaction as 
recited in claim 13, wherein the received financial transac- 
tion instruction further comprises a second secure mecha- 
nism that protects the security of the financial transaction 
instruction for transmission over a second public access 
network, wherein the second secure mechanism provides 
verification of the identity of the merchant and the integrity 
of the financial transaction instruction. 

15. A method of performing a financial transaction as 
recited in claim 14, wherein the second secure mechanism 
provides at least a third level of protection comprising 
performing an operation on the financial transaction instruc- 
tion to provide verification of the identity of the merchant 
and the integrity of the financial transaction instruction 
while leaving all of the financial transaction instruction in 
the clear except for the encrypted card information and 
security information. 

16. A method of performing a financial transaction as 
recited in claim 15, wherein the third level of protection 
comprises digitally signing the financial transaction instruc- 
tion with the digital signature of the merchant. 

17. A method of performing a financial transaction as 
recited in claim 15, wherein the third level of protection 
comprises appending a digital certificate of the merchant to 
the financial transaction instruction. 

18. A method of performing a financial transaction as 
recited in claim 15, wherein the second secure mechanism 
further includes a second type of protection comprising 
encrypting the financial transaction instruction for secure 
transmission over the second public access network. 

19. A method of performing a financial transaction as 
recited in claim 18, wherein encrypting the financial trans- 
action for the second type of protection comprises encrypt- 
ing in a manner decryptable by a financial institution pro- 
viding access to the on-line ATM/POS transaction system. 

20. A method of performing a financial transaction as 
recited in claim 18, further comprising decrypting the finan- 
cial transaction instruction. 

21. A method of performing a financial transaction as 
recited in claim 18, further comprising transmitting to the 
merchant an authorization message indicating the approval 
status of the transaction request. 

22. A method of performing a financial transaction as 
recited in claim 14, wherein the second secure mechanism 
comprises encrypting the financial transaction instruction. 

23. A method of performing a financial transaction 
between a purchaser and a merchant, comprising: 

under control of a purchaser computer connected through 
a first public access network to the merchant to make a 
purchase from the merchant, 

generating an electronic financial transaction instruc- 
tion for the purchaser to make a purchase over the 
first public access network from the merchant, the 
financial transaction instruction comprising card 
information, security information and transaction 
amount information each suitable for use in an 
on-line ATM/POS transaction, wherein the card 
information and security information are encrypted 
according to ATM/POS transaction system stan- 
dards; 

including card number data with the card information, 
wherein the card number data is associated with a 
checking or savings account in purchaser's bank for 
funding the on-line ATM/POS transaction; 
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including personal identification number data with the 
security information, wherein the personal identifi- 
cation number data is associated with the card num- 
ber data to identify the purchaser and authorize use 
of the card number data; and 

protecting the security of the financial transaction 
instruction for transmission over the first public 
access network by utilizing a first secure mechanism, 
wherein the first secure mechanism comprises a first 
level of protection and a second level of protection, 
wherein the first level of protection comprises per- 
forming an operation on the financial transaction 
instruction to provide verification of the identity of 
the purchaser and the integrity of the financial trans- 
action instruction while leaving all of the financial 
transaction instruction in the clear except for the 
encrypted card information and security information, 
and wherein the second level of protection comprises 
encrypting the financial transaction instruction for 
secure transmission over the first public access 
network, 

under control of a service provider having a direct con- 
nection to the on-line ATM/POS transaction system, 
receiving the financial transaction instruction; 
retrieving the card information, the security informa- 
tion and the transaction amount information; 
generating a transaction request in a format for pro- 
cessing in the on-line ATM/POS transaction system 
using the card information, the security information 
and the transaction amount information; and 
forwarding the transaction request via the on-line ATM/ 
POS transaction system to the purchaser's bank for 
authorization of the financial transaction between the 
purchaser and the merchant. 

24. A method of performing a financial transaction as 
recited in claim 23, wherein creating the financial transac- 
tion instruction is performed on a personal computer exter- 
nal from the on-line ATM/POS transaction system. 

25. A method of performing a financial transaction as 
recited in claim 24, wherein the first public access network 
is the Internet. 

26. A method of performing a financial transaction as 
recited in claim 25, wherein the Internet protocol is the 
World Wide Web. 

27. A method of performing a financial transaction as 
recited in claim 25, wherein the Internet protocol is elec- 
tronic mail. 

28. A method of performing a financial transaction as 
recited in claim 24, wherein the first level of protection 
comprises digitally signing the financial transaction instruc- 
tion with the digital signature of the purchaser. 

29. A method of performing a financial transaction as 
recited in claim 24, wherein the first level of protection 
comprises appending a digital certificate of the purchaser to 
the financial transaction instruction. 

30. A method of performing a financial transaction as 
recited in claim 24, further comprising the service provider 
transmitting to the merchant an authorization message indi- 
cating the approval status of the transaction request. 

31. A method of performing a financial transaction 
between a purchaser and a merchant, comprising: 

under control of a purchaser computer connected through 
a first public access network to the merchant to make a 
purchase from the merchant, 

generating an electronic purchaser payment instruction 
for the purchaser to make a purchase over the first 
public access network from the merchant, the pur- 
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chaser payment instruction comprising card 
information, security information and transaction 
amount information each suitable for use in an 
on-line ATM/POS transaction, wherein the card 
information and security information are encrypted 
according to ATM/POS transaction system stan- 
dards; 

including card number data with the card information, 
wherein the card number data is associated with a 
checking or savings account in purchaser's bank for 
funding the on-line ATM/POS transaction; 

including personal identification number data with the 
security information, wherein the personal identifi- 
cation number data is associated with the card num- 
ber data to identify the purchaser and authorize use 
of the card number data; 

protecting the security of the purchaser payment 
instruction for transmission over the first public 
access network by utilizing a first secure mechanism, 
wherein the first secure mechanism comprises a first 
level of protection and a second level of protection, 
wherein the first level of protection comprises per- 
forming an operation on the purchaser payment 
instruction to provide verification of the identity of 
the purchaser and the integrity of the purchaser 
payment instruction while leaving all of the pur- 
chaser payment instruction in the clear except for the 
encrypted card information and security information, 
and wherein the second level of protection comprises 
encrypting the purchaser payment instruction for 
secure transmission over the first public access net- 
work; 

under control of the merchant, 

appending merchant payment instructions to the pur- 
chaser payment instruction to form a financial trans- 
action instruction; and 

protecting the security of the financial transaction 
instruction for transmission over a second public 
access network by utilizing a second secure 
mechanism, wherein the second secure mechanism 
provides verification of the identity of the merchant 
and the integrity of the financial transaction instruc- 
tion; 

under control of a service provider having a direct con- 
nection to the on-line ATM/POS transaction system, 
receiving the financial transaction instruction; 
retrieving the card information, the security informa- 
tion and the transaction amount information; 
generating a transaction request in a format for pro- 
cessing in the on-line ATM/POS transaction system 
using the card information, the security information 
and the transaction amount information; 
forwarding the transaction request via the on-line ATM/ 
POS transaction system to the purchaser's bank for 
authorization; 
receiving a response message from the purchaser's 
bank indicating an approval or denial of the trans- 
action request; 
generating an authorization message based on the indi- 
cated approval or denial in the response message; 
and 

forwarding the authorization message to the merchant, 
over the first public access network, that notifies the 
merchant of the approval or denial of the financial 
transaction. 

32. A method of performing a financial transaction as 
recited in claim 31, wherein the first public access network 
and the second public access network are both the Internet. 
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33. A method of performing a financial transaction as 
recited in claim 32, wherein the Internet protocol is the 
World Wide Web. 

34. A method of performing a financial transaction as 
recited in claim 32, wherein the Internet protocol is elec- 
tronic mail. 

35. A method of performing a financial transaction as 
recited in claim 31, wherein the first level of protection 
comprises digitally signing the financial transaction instruc- 
tion with the digital signature of the purchaser. 

36. A method of performing a financial transaction as 
recited in claim 31, wherein the first level of protection 
comprises appending a digital certificate of the purchaser to 
the financial transaction instruction. 

37. A method of performing a financial transaction as 
recited in claim 31, wherein the second secure mechanism 
provides at least a third level of protection comprising 
performing an operation on the financial transaction instruc- 
tion to provide verification of the identity of the merchant 
and the integrity of the financial transaction instruction 
while leaving all of the financial transaction instruction in 
the clear except for the encrypted card information and 
security information. 

38. A method of performing a financial transaction as 
recited in claim 37, wherein the third level of protection 
comprises digitally signing the financial transaction instruc- 
tion with the digital signature of the merchant. 

39. A method of performing a financial transaction as 
recited in claim 37, wherein the third level of protection 
comprises appending a digital certificate of the merchant to 
the financial transaction instruction. 

40. A method of performing a financial transaction as 
recited in claim 37, wherein the second secure mechanism 
further includes a fourth level of protection comprising 
encrypting the financial transaction instruction for secure 
transmission over the second public access network. 

41. A method of performing a financial transaction as 
recited in claim 40, wherein the encrypting the financial 
transaction for the fourth level of protection comprises 
encrypting in a manner decryptable by a financial institution 
providing access to the on-line ATM/POS transaction sys- 
tem. 

42. A method of performing a financial transaction as 
recited in claim 31, wherein the second secure mechanism 
comprises encrypting the financial transaction instruction. 

43. A financial transaction system, comprising: 

an electronic financial transaction instruction in a first 
secured format initiated by a purchaser to make a 
purchase from a merchant over an electronic public 
access network, said financial transaction instruction 
comprising encrypted card information and security 
information, wherein said card information comprises 
identification of a checking or savings account held by 
said purchaser to be debited in said financial transaction 
and wherein said security information comprises a 
personal identification number known by said pur- 
chaser to authorize the use of said card information in 
said on-line ATM/POS transaction, and wherein said 
first secured format is a format that enables secure 
transmission over the first public access network of said 
financial transaction instruction to guarantee the iden- 
tity of said purchaser and the integrity of said financial 
transaction instruction; and 

a service provider connected to an on-line ATM/POS 
transaction system and connected to the first public 
access network, the service provider receiving the 
financial transaction instruction over the first public 
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access network and generating a transaction request in 
a format for processing in the on-line ATM/POS trans- 
action system using the card information, the security 
information and the transaction amount information, 
the service provider forwarding the transaction request 
via the on-line ATM/POS transaction system to the 
purchaser's bank for authorization and receiving a 
response message from the purchaser's bank indicating 
an approval or denial of the transaction request, the 
service provider generating an authorization message 
based on the indicated approval or denial in the 
response message and forwarding the authorization 
message to the merchant, over the first public access 
network, that notifies the merchant of the approval or 
denial of the financial transaction. 
44. A method of performing a financial transaction, com- 
prising: 

accessing by a purchaser via a first public access network 
a site of a merchant; 

generating a purchaser payment instruction, by the pur- 
chaser via the public access network, to order a pur- 
chase from the merchant, the purchase payment 
instruction including an exchange of a transaction 
amount between the purchaser and the merchant; 

attaching card information from a memory of a purchas- 
er's card to the purchaser payment instruction, the card 
information including purchaser account information 
associated with a purchaser's account at a purchaser's 
bank to be debited by the transaction amount; 

attaching a personal identification number known by the 
purchaser to the purchaser payment instruction, the 
personal identification number associated with the 
account information to authorize the use of the account 
information; 

encrypting the card information and the personal identi- 
fication number using an encryption standard compat- 
ible with a format for processing in an ATM/POS 
transaction system; 

applying a first secure mechanism to the purchaser pay- 
ment instruction, the first secure mechanism enabling 
secure transmission over the first public access network 
of the purchaser payment instruction to guarantee the 
identity of the purchaser and the integrity of the pur- 
chaser payment instruction; 

receiving the purchaser payment instruction by the mer- 
chant; 

appending a merchant payment instruction to the pur- 
chaser payment instruction to form a financial transac- 
tion instruction, the merchant payment instruction 
including merchant account information associated 
with a merchant's account at a merchant's bank to be 
credited by the transaction amount; 

applying a second secure mechanism to the financial 
transaction instruction, the second secure mechanism 
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enabling secure transmission over a second public 
access network of the financial transaction instruction 
to guarantee the identity of the merchant and the 
integrity of the financial transaction instruction; 

receiving the financial transaction instruction at a service 
provider via the second public access network, the 
service provider having a connection with the on-line 
ATM/POS transaction system; 

retrieving, by the service provider, the card information, 
the security information and the transaction amount; 

generating, by the service provider, a transaction request 
in a format for processing in the on-line ATM/POS 
transaction system using the card information, the 
security information and the transaction amount; 

forwarding, by the service provider, the transaction 
request to the purchaser's bank via the on-line ATM/ 
POS transaction system for authorization; 

receiving, by the service provider, a response message 
from the purchaser's bank indicating an approval or 
denial of the transaction request; 

generating, by the service provider, an authorization mes- 
sage based on the indicated approval or denial in the 
response message; and 

forwarding, by the service provider, the authorization 
message to the merchant, over the first public access 
network, that notifies the merchant of the approval or 
denial of the financial transaction. 

45. The method of claim 44, wherein the first pub He 
access network and the second public access network are 
both the Internet. 

46. The method of claim 44, wherein the first secure 
mechanism comprises a first level of protection and a second 
level of protection, wherein the first level of protection 
comprises a security method selected from the group con- 
sisting of applying a digital signature of the purchaser to the 
purchaser payment instruction and appending a digital cer- 
tificate of the purchaser to the purchaser payment 
instruction, and wherein the second level of protection 
comprises applying a first encryption format to the purchaser 
payment instruction, where the first encryption format is 
decryptable by the purchaser and the service provider. 

47. The method of claim 44, wherein the second secure 
mechanism comprises a third level of protection and a fourth 
level of protection, wherein the third level of protection 
comprises a security method selected from the group con- 
sisting of applying a digital signature of the merchant to the 
financial transaction instruction and appending a digital 
certificate of the purchaser to the financial transaction 
instruction, and wherein the fourth level of protection com- 
prises applying a second encryption format to the financial 
transaction instruction, where the second encryption format 
is decryptable by the merchant and the service provider. 
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